'\" te
.\" Copyright (C) 2002, Sun Microsystems, Inc.
.\" All Rights Reserved
.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
.\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
.TH PAM_DIAL_AUTH 7 "Sep 9, 2004"
.SH NAME
pam_dial_auth \- authentication management PAM module for dialups
.SH SYNOPSIS
.LP
.nf
\fBpam_dial_auth.so.1\fR
.fi

.SH DESCRIPTION
.sp
.LP
The \fBpam_dial_auth\fR module implements \fBpam_sm_authenticate\fR(3PAM) which
authenticates the user according to the \fBdialups\fR(5) and \fBd_passwd\fR(5)
files configuration.
.sp
.LP
Authentication service modules must implement both \fBpam_sm_authenticate()\fR
and \fBpam_sm_setcred()\fR. \fBpam_sm_setcred()\fR in this module always
returns \fBPAM_IGNORE\fR.
.sp
.LP
The value of the \fBPAM_TTY\fR item is checked against entries in
\fBdialups\fR(5). If there is a match, the user's shell is compared against
entries in \fBd_passwd\fR(5). If there is a matching entry, the user is
prompted for a password which is validated against the entry found.
.sp
.LP
The following option may be passed in to this service module:
.sp
.ne 2
.na
\fB\fBdebug\fR\fR
.ad
.RS 9n
\fBsyslog\fR(3C) debugging information at \fBLOG_DEBUG\fR level.
.RE

.SH ERRORS
.sp
.LP
If \fBdialups\fR(5) is not present, \fBPAM_IGNORE\fR is returned. Upon
successful completion of \fBpam_sm_authenticate()\fR, \fBPAM_SUCCESS\fR is
returned. The following error codes are returned upon error:
.sp
.ne 2
.na
\fB\fBPAM_AUTH_ERR\fR\fR
.ad
.RS 20n
Authentication failure.
.RE

.sp
.ne 2
.na
\fB\fBPAM_SERVICE_ERR\fR\fR
.ad
.RS 20n
Error in the calling service, \fBPAM_TTY\fR is not set.
.RE

.sp
.ne 2
.na
\fB\fBPAM_SYSTEM_ERR\fR\fR
.ad
.RS 20n
System error (\fBd_passwd\fR(5) is not present).
.RE

.sp
.ne 2
.na
\fB\fBPAM_USER_UNKNOWN\fR\fR
.ad
.RS 20n
No account is present for \fIuser\fR.
.RE

.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(7) for a description of the following attributes:
.sp

.sp
.TS
box;
c | c
l | l .
ATTRIBUTE TYPE	ATTRIBUTE VALUE
_
MT Level	MT-Safe with exceptions
.TE

.SH SEE ALSO
.sp
.LP
.BR libpam (3LIB),
.BR pam (3PAM),
.BR pam_authenticate (3PAM),
.BR pam_sm_authenticate (3PAM),
.BR d_passwd (5),
.BR dialups (5),
.BR pam.conf (5),
.BR attributes (7),
.BR pam_authtok_check (7),
.BR pam_authtok_get (7),
.BR pam_authtok_store (7),
.BR pam_dhkeys (7),
.BR pam_passwd_auth (7),
.BR pam_unix_account (7),
.BR pam_unix_auth (7),
.BR pam_unix_session (7)
.SH NOTES
.sp
.LP
The interfaces in \fBlibpam\fR(3LIB) are MT-Safe only if each thread within the
multi-threaded application uses its own \fBPAM\fR handle.
.sp
.LP
The \fBpam_unix\fR(7) module is no longer supported. Similar functionality is
provided by \fBpam_authtok_check\fR(7), \fBpam_authtok_get\fR(7),
\fBpam_authtok_store\fR(7), \fBpam_dhkeys\fR(7), \fBpam_passwd_auth\fR(7),
\fBpam_unix_account\fR(7), \fBpam_unix_auth\fR(7), and
\fBpam_unix_session\fR(7).
